Hi All,
I have a problem with IoCallDriver. I am using IoAllocateIrp to allocate
an Irp and send it down to the other device (these devices are not
attached to the driver stack). While returning the Irp, the driver crashes at
an unknown place with a bug check IRQL_NOT_LESS_OR_EQUAL. I am sending
the bug check text along with this mail. Please go through it. Any
suggestions would be highly useful.
Thanks in advance,
-Naveen
f765f6c0 8042bcb9 00000004 ffdff408 f765f9d4 nt!RtlpBreakWithStatusInstruction
f765f6f0 8042c1e5 00000004 0000015a 8042e1e0 nt!KiBugCheckDebugBreak+0x31
f765fa78 80464b1f 00000000 0000015a 00000002 nt!KeBugCheckEx+0x5c2
f765fa78 8042e1e0 00000000 0000015a 00000002 nt!KiTrap0E+0x27c
f765fb10 8041f83c fcda2d08 00000000 00000000 nt!KeInsertQueueApc+0x16
f765fb40 fb675582 fce99510 fcda2cc8 fcc918a8 nt!IopfCompleteRequest+0x258
f765fb54 8041f54b fce99510 fcda2cc8 fcda2cc8 bt!BTLayerCalls+0x28f
f765fb68 f7785e85 fcc91b4c fcc918a8 fce072f8 nt!IopfCallDriver+0x35
f765fb94 f7784b43 fcc918a8 f765fbd8 fcc918a8 vport!VCOMM_InitiateWrite+0x11f
f765fbac f7784762 fcc918a8 fce07288 fce07288 vport!SerialGiveWriteToIsr+0x66
f765fbf0 f7782963 fcc918a8 fce07288 fcc918a8 vport!VCPStartWrite+0x175
f765fc0c f7784511 fcc918a8 fce07288 fcc91b44 vport!VCPQueueOrStartIrp+0x66
f765fc34 8041f54b fcc917f0 fce07288 fce07288 vport!VCPWrite+0xb2
f765fc48 804ba5e8 fce072f8 00744451 fce07288 nt!IopfCallDriver+0x35
f765fc5c 804af6dd fcc917f0 fce07288 fce3cb68 nt!IopSynchronousServiceTail+0x60
f765fd38 80461691 000000ec 00000084 00000000 nt!NtWriteFile+0x67a
f765fd38 77f891bb 000000ec 00000084 00000000 nt!KiSystemService+0xc4
0089fdbc 77e88f9e 000000ec 00000084 00000000 ntdll!ZwWriteFile+0xb
0089fe28 6ee38e9f 000000ec 00744450 00000001 KERNEL32!WriteFile+0xc5
I assume you have a completion routine for the irp you are allocating, and
when you get called there you are deallocating the irp. Is that correct?
–
Mark Cariddi
Open Systems Resources, Inc.
www.osr.com
“Naveen Mellempudi” wrote in message news:xxxxx@ntdev…
If you call IoAllocateIrp, then you must abort its completion by returning
STATUS_MORE_PROCESSING_REQUIRED from the completion routine.
You must not allow the I/O manager to unwind the whole IRP and to execute the
code which follows this. This code will try to queue an APC (IopCompleteRequest)
for the second stage of completion, and IRPs allocated by IoAllocateIrp or
IoBuildAsynchronousFsdRequest cannot tolerate this since they are not fully
initialized.
On the other hand, IRPs allocated by IoBuildSynchronousFsdRequest or
IoBuildDeviceIoControlRequest must be unwound to the bottom. You cannot call
IoFreeIrp on them.
Max
----- Original Message -----
From: “Naveen Mellempudi”
To: “NT Developers Interest List”
Sent: Thursday, April 11, 2002 3:48 PM
Subject: [ntdev] IoAllocateIrp
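To make Max's rule concrete, here is an added example (not code from this thread or from any driver it mentions): a small user-mode model of the I/O manager's completion unwind, in which the IRP struct, CompleteRequestModel and RunScenario are simplified stand-ins for the real ntddk.h types and routines, not the Windows implementation. It shows a completion routine that returns STATUS_SUCCESS letting the unwind reach the second stage on an IRP with no owning thread, while one that returns STATUS_MORE_PROCESSING_REQUIRED hands the IRP back to its owner, who then frees it with IoFreeIrp.

```c
/* Added example, not code from the thread: a user-mode model of the I/O
 * manager's completion unwind, to show why an IRP from IoAllocateIrp must be
 * stopped with STATUS_MORE_PROCESSING_REQUIRED. Types and names here are
 * simplified stand-ins for the ntddk.h ones, not the Windows implementation. */
#define STATUS_SUCCESS                  0x00000000L
#define STATUS_MORE_PROCESSING_REQUIRED 0xC0000016L
#define MAX_STACK 4

typedef long NTSTATUS;
typedef struct _IRP IRP;
typedef NTSTATUS (*COMPLETION_ROUTINE)(IRP *irp, void *context);
typedef struct { COMPLETION_ROUTINE completion; void *context; } STACK_LOCATION;
struct _IRP {
    STACK_LOCATION stack[MAX_STACK];
    int current;   /* stack location the target driver is working on */
    void *thread;  /* stays NULL after IoAllocateIrp: stage 2 has no thread to APC */
};

/* Model of IoCompleteRequest: call completion routines from the current
 * location upward and stop at the first STATUS_MORE_PROCESSING_REQUIRED.
 * Returns 1 if stage 2 (the APC queueing seen in the trace above) would run
 * on an IRP with no owning thread, i.e. the crash path; 0 otherwise. */
int CompleteRequestModel(IRP *irp) {
    for (int i = irp->current; i < MAX_STACK; i++) {
        STACK_LOCATION *sl = &irp->stack[i];
        if (sl->completion &&
            sl->completion(irp, sl->context) == STATUS_MORE_PROCESSING_REQUIRED)
            return 0;  /* owner took the IRP back; the I/O manager is done */
    }
    return irp->thread == 0;  /* stage 2 would touch uninitialised state */
}

/* Bad: lets the unwind continue into stage 2 on a driver-built IRP. */
NTSTATUS BadCompletion(IRP *irp, void *ctx) { (void)irp; (void)ctx; return STATUS_SUCCESS; }

/* Good: wake the waiter (stand-in for KeSetEvent) and take the IRP back for IoFreeIrp. */
NTSTATUS GoodCompletion(IRP *irp, void *ctx) {
    (void)irp; *(int *)ctx = 1;
    return STATUS_MORE_PROCESSING_REQUIRED;
}

/* Build one IRP the way the thread describes and let the target complete it.
 * Returns 2 = crash path, 1 = owner signalled and may free, 0 = lost IRP. */
int RunScenario(COMPLETION_ROUTINE cr) {
    int signalled = 0;
    IRP irp = {0};                     /* thread == NULL, as after IoAllocateIrp */
    irp.stack[0].completion = cr;      /* what IoSetCompletionRoutine records */
    irp.stack[0].context = &signalled;
    return CompleteRequestModel(&irp) ? 2 : signalled;
}
```

In a real driver the owner waits on the event the completion routine signals (IoCallDriver may return STATUS_PENDING), and only then calls IoFreeIrp.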
Thanks to Max and Mark,
I was not setting the completion routine. … It worked.
Thanks a lot,
-Naveen